Enhanced Session Initiation Protocols for Emergency Healthcare Applications
This work tackles secure and efficient communication protocols for emergency healthcare applications, but it is incremental as it builds on prior schemes.
The paper addresses security vulnerabilities in existing session initiation protocols (SIPs) for emergency healthcare, specifically identifying failures in protecting user credentials during session exposure attacks, and proposes an improvement that maintains computational efficiency.
In medical emergencies, an instant and secure messaging is an important service to provide quality healthcare services. A session initiation protocol (SIP) is an IP-based multimedia and telephony communication protocol used to provide instant messaging services. Thus, design of secure and efficient SIP for quality medical services is an emerging problem. In this paper, we first explore the security limitations of the existing SIPs proposed by Sureshkumar et al. and Zhang et al. in the literature. Our analysis shows that most of the existing schemes fail to protect the user credentials when unexpectedly the session-specific ephemeral secrets revealed to an adversary by the session exposure attacks. We then present a possible improvement over Sureshkumar et al.'s scheme without increasing the computational cost. We compare the proposed improvement for computational overheads and security features with the various related existing schemes in the literature.